oss-sec mailing list archives
CVE Request: Python keyring
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Fri, 16 Nov 2012 11:14:41 -0500
Hello, Python keyring before 0.10 created keyring files world-readable by default. Fixed in the following commit: https://bitbucket.org/kang/python-keyring-lib/changeset/049cd181470f1ee6c540e1d64acf1def7b1de0c1 Bugs: https://bugs.launchpad.net/ubuntu/+source/python-keyring/+bug/1031465 https://bitbucket.org/kang/python-keyring-lib/issue/67/set-go-rwx-on-keyring_passcfg Could a CVE please be assigned to this issue? Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Current thread:
- CVE Request: Python keyring Marc Deslauriers (Oct 05)
- Re: CVE Request: Python keyring Raphael Geissert (Oct 30)
- Re: CVE Request: Python keyring Kurt Seifried (Oct 31)
- <Possible follow-ups>
- CVE Request: Python keyring Marc Deslauriers (Nov 16)
- Re: CVE Request: Python keyring Marc Deslauriers (Nov 19)
- Re: CVE Request: Python keyring Matthias Weckbecker (Nov 22)
- Re: CVE Request: Python keyring Kurt Seifried (Nov 26)
- Re: CVE Request: Python keyring Marc Deslauriers (Nov 19)
- Re: CVE Request: Python keyring Kurt Seifried (Nov 26)
- Re: CVE Request: Python keyring Raphael Geissert (Oct 30)